<?php

//////////////////////////////////////////////////
//			Xtra Forum Software                           //
//			      Version 0.1.0                                   //
//		 -----------------------------------------	          //
//               Copyright 2008, Xtra Forum Software           //
//	        http://www.xtraforumsoftware.us.to/           //
/////////////////////////////////////////////////

?>

<?php

function Register_Submit()
{
	global $db_prefix, $settings; // Include the gloabals, without these the registration WILL not work
	
	$username = mysql_real_escape_string($_POST['username']); // Escape and set the username
	$password = mysql_real_escape_string($_POST['password']); // Dito above
	$password_confirm = mysql_real_escape_string($_POST['confirm_password']); // Dito Above
	$md5pass = md5($password); // encrypt the password
	$email_address = mysql_real_escape_string($_POST['email_address']); // Escape and set the email address
	$terms_agree = $_POST['terms_agree']; // grab the terms agreement
	$date_registered = date('m:d:y'); // set the date registered
	$member_ip = $_SERVER['REMOTE_ADDR']; // Grab the users IP address
	$time_format = $settings['time_format']; // Set the servers time format
	$time_offset = $settings['time_offset']; // Set the servers time offset
	$theme_id = $settings['theme_id']; // Set the default theme_id
	if($settings['email_activation'] == "1") // Is email activated or deactivated? 1=yes 0=no
	{
		$is_activated = "0";
	}
	else
	{
		$is_activated = "1";
	}
	if($settings['allow_registration'] == "1") // Is registration allowed!?
	{
		if($terms_agree == "1") // Did the user agree to the terms?
		{
			if(isset($username)) // Is the username set?
			{
				if(strlen($username) <= "20") // Is the username longer than 20 characters?
				{
					if(isset($password)) // Is the password set?
					{
						if(isset($password_confirm)) // Is the password confirm set.
						{
							if($password == $password_confirm) // Do the password and the password confirm match?
							{
								if(strlen($password) <= "30") // Is the password more than 30 characters?
								{
									if(isset($email_address)) // Is the email set?
									{
										// Great, now query the database to see if the username already exists
										mysql_query("SELECT * FROM " .$db_prefix. "users WHERE username='$username'");
										$username_exist = mysql_affected_rows();
										if($username_exist == "0") // Does it exist?
										{
										// Does the email already exist? Is he trying to create more than one user using the same email?
										mysql_query("SELECT * FROM " .$db_prefix. "users WHERE email_address='$email_address'");
										$email_exist = mysql_affected_rows();
											if($email_exist == "0") // Does the email already exist?
											{
												// Guess not, now lets insert the user into the database, finally!
												mysql_query("INSERT INTO " .$db_prefix. "users (`username`, `date_registered`, `group_id`, `language`, `password`, `email_address`, `hide_email`, `show_online`, `time_format`, `time_offset`, `pm_email_notify`, `member_ip`, `theme_id`, `is_activated`, `post_group_id`) VALUES ('$username', '$date_registered', '1', 'english', '$md5pass', '$email_address', '1', '1', '$time_format', '$time_offset', '0', '$member_ip', '$theme_id', '$is_activated', '1')");
												$count = mysql_affected_rows();
												if($count == "1") // If the query was succesful then:
												{
													// Tell them they were succesful
													echo "Your account has been registered, you will be redirected in 5 seconds"; if($settings['email_activation'] == "1") { echo ", you should recieve a confirmation email within the next 24 hours, usually instantly. You will be redirected in 5 seconds"; } else { echo "."; };
													// Then force them to leave by redirecting them! MAUAHAHAH!
													?>
													<meta http-equiv="refresh" content="5;url=index.php">
													<?php
												}
											}
											else // This should be self explanatory.
											{
												echo "That email has already been registered, please go back and try again.";
											}
										}
										else
										{
											echo "That username already exists. Please go back and try again.";
										}
									}
									else
									{
										echo "The email address is not set, please go back and try again.";
									}
								}
								else
								{
									echo "Your password can not be more than 30 characters long.";
								}
							}
							else
							{
								echo "Your passwords do not match.";
							}
						}
						else
						{
							echo "You must confirm your password";
						}
					}
					else
					{
						echo "You did not enter a password.";
					}
				}
				else
				{
					echo "Your username can not be longer than 20 characters.";
				}
			}
			else
			{
				echo "Your must enter a username.";
			}
		}
		else
		{
			echo "You must agree to the Registration Terms & Rules!";
		}
	}
	else
	{
		echo "Registrations are currently closed.";
	}
}

?>